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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments witli respect to claims 1 -7 and 1 6-20 have been 
considered but are moot in view of the new ground(s) of rejection. 

2. The allowability of claims 8-1 5 has been withdrawn. 

Specification 

3. The abstract of the disclosure is objected to because it does not reflect the 
invention nor show "the gist of the technical disclosure". Correction is required. See 
MPEP§ 608.01(b). 

Claim Objections 

4. Claim 8 is objected to because of the following informalities: 

Examiner suggests replacing "a foreign network" in line 13 with "the foreign 
network" in consistent with "a foreign network" in line 4. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
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applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

6. Claims 8-10 are rejected under 35 U.S.C. 102(e) as being anticipated by Iyer 
(Pub No. 2004/0073642). 

With regard to claim 8, Iyer discloses 

a foreign network (external network 15, para. [0021]) coupled to a mobile node 
(MN 13) associated with a virtual private network (Fig. 1) {See Also right-hand side of 
Outer Firewall 9) and having a public home address (outer IP address, para. [0022]); 

a virtual private network gateway (VPN Gateway 11) receiving Information 
packets entering and leaving the virtual private network, with a virtual private network 
tunnel inner address (VPN tunnel inner address, para. [0025]) used for routing 
packets to the virtual private network gateway transmitted from nodes within the virtual 
private network and a virtual private network gateway address (the inner IP address, 
the outer IP address, para. [0022]) used for routing packets to the virtual private 
network gateway transmitted from at least one mobile node (MN 13) located outside the 
virtual private network on the foreign network (external network 15, para. [0021]); 

the mobile node location on the foreign network Is designated by a care-of 
address (point-of-attachment care-of address, para. [0022]); and 

the virtual private network tunnel inner address (VPN tunnel inner address, 
para. [0025]) and virtual private network gateway address (outer IP address, para. 
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[0022]) being sufficient for tunneling information packets to and within said virtual 
private network. 

With regard to claims 9 and 10, Iyer further discloses care-of address for the 
mobile node (point-of-attachment care-of address, para. [0022]). 

With regard to claim 12, Iyer further discloses a virtual private network tunnel 
inner address (VPN tunnel inner address, para. [0025]). 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 1-3,5-7,11,13-15 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Iyer in view of Vaarala et al. (Pub No. US 2005/0177722). 

With regard to claim 1 , Iyer discloses 

a virtual private network (Fig. 1) (See Also right-hand side of Outer Firewall 9) 
having a security gateway (VPN Gateway 11) and a home agent (Home Agent 7, para. 
[0015]), wherein said mobile node (MN 13) is connected to a foreign network (external 
network 15, para. [0021]) and information packets are transmitted to the mobile node 
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from the virtual private network ("the communciaiton between the MN 13 and the 
LAN para. [0020]), and wherein said security gateway on the virtual private 
network is connected to said home agent (See Fig. 1), said security gateway having an 
inner tunnel address for routing packets within the virtual private network (VPN tunnel 
inner address, para. [0025]); and 

a correspondence node (CN 8) located on the virtual private network (Fig. 1) 
(See Also right-hand side of Outer Firewall 9) and coupled to said home agent on the 
virtual private network (See Fig. 1), wherein an information packet transmitted from the 
correspondence node is encapsulated by the home agent (See arrow from CN to HA), 
said encapsulated information packet is transmitted to the security gateway using the 
inner tunnel address and said security gateway transmits the encapsulated information 
packet to the mobile node ("... VPN tunnel inner address ... In this way, the VPN 
tunnel, once established does not have to change ... each time the actual point-of- 
attachment IP address 31,32 changes ... to send packets through any network.", 
para. [0025]). 

However, Iyer fails to explicitly show that an encapsulated information packet. 

In an analogous art of mobile IP, Vaarala discloses an encapsulated information 
packet ([tunnel mode] ... the original packet is encapsulated, para. [0014]). 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine an encapsulated packet as taught in Vaarala with Iyer for the 
benefit of implementing a secure connection. Vaarala, para. [0001]. 
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With regard to claims 2 and 3, tine combination of Iyer and Vaarala discloses the 
packet-based wireless communication system for communicating with a mobile node of 
claim 1. 

Vaarala further discloses a security gateway encrypts (encrypt) (IPsec can 
encrypt and/or authenticate traffic, para. [0006]) the information packet. 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine encryption as taught in Vaarala with Iyer for the benefit of 
implementing a secure connection. Vaarala, para. [0001]. 

With regard to claim 5, the combination of Iyer and Vaarala discloses the packet- 
based wireless communication system for communicating with a mobile node of claim 1 . 

Vaarala further discloses an information packet that includes an address for the 
security gateway (see IPSec in paclcet in Fig. 2). 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine an address for the security gateway as taught in Vaarala with 
Iyer for the benefit of implementing a secure connection. Vaarala, para. [0001]. 

With regard to claim 6, Iyer further discloses a virtual private network inner tunnel 
address (VPN tunnel inner address, para. [0025]) 
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With regard to claim 7, Iyer further discloses a security gateway that transmits 
the information packet to the home agent to forward outside the virtual private network 
to the mobile node (See Fig. 1). 

With regard to claim 11, Iyer discloses the wireless communication system 
utilizing an information packet transmitted in a packet-based communication of claim 8. 
However, Iyer fails to explicitly show encrypting the information packet. 

In an analogous art of mobile IP, Vaarala discloses encrypting (encrypt) (IPsec 
can encrypt and/or authenticate traffic, para. [0006]) the information packet. 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine encryption as taught in Vaarala with Iyer for the benefit of 
implementing a secure connection. Vaarala, para. [0001]. 

With regard to claims 13-15, Iyer discloses the wireless communication system 
utilizing an information packet transmitted in a packet-based communication of claim 8. 
However, Iyer fails to explicitly show appending addresses to the information packet. 

In an analogous art of mobile IP, Vaarala discloses appending addresses to the 
information packet (IP|ESP|IP|Payload, para. [0014]) (See Also Fig. 2). 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine appending addresses to the information packet as taught in 
Vaarala with Iyer for the benefit of implementing a secure connection. Vaarala, para. 
[0001]. 
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9. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Iyer and 
Vaarala as applied to claim 1 above, and further in view of O'Neill (Pub No. 
US2004/0047322). 

With regard to claim 4, the combination of Iyer and Vaarala discloses the packet- 
based wireless communication system for communicating with a mobile node of claim 1 . 
However, the combination fails to explicitly show that a communication system that 
does not use an external home agent for forwarding the information packet to the 
mobile node. 

In an analogous art of mobile IP, O'Neill further discloses a communication 
system that does not use an external home agent for forwarding the information packet 
to the mobile node (PCCoA functionality is provided between the end node and the 
access node, does not need the assistance of the Home Agent to invoke that 
functionality, para. [0044]). 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine a communication system that does not use an external home 
agent for forwarding the information packet to the mobile node as taught in O'Neill with 
Iyer and Vaarala for the benefit of support encapsulation and tunneling between 
network domains which use different address prefixes. O'Neill, para. [0002]. 
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10. Claims 16-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
O'Neill in view of Iyer and Vaarala. 

With regard to claim 16, O'Neill discloses a mobile IP network (Fig. 5) 

providing a virtual private network associated with a mobile node (end nodes 
502,504 in Fig. 5, para. [0045]) connected to a foreign network (communication cells 
501 in Fig. 5, para. [0045]); 

forming an information packet (data) a correspondence node (CN) on the virtual 
private network for transmission (session) to the mobile node (end node N 504) (CN 
542 operates as corresponding node in a data session with at least end node N 
504, para. [0046]); and 

forwarding the information packet (PCCoA- Proxy Colocate Care of Address) 
to the mobile node without using an external home agent (PCCoA functionality is 
provided between the end node and the access node, does not need the 
assistance of the Home Agent to invoke that functionality, para. [0044]). 

However, O'Neill falls to explicitly show providing a security gateway located on 
the virtual private network and connected to a home agent and the correspondence 
node connected to said foreign network, said security gateway on the virtual private 
network being designated with a gateway address for routing information packets to the 
virtual private network and having an inner tunnel address for routing information 
packets within the virtual private network; transmitting the information packet to the 
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security gateway using said inner tunnel address to route said information packet witliin 
the virtual private network to the security gateway; and encapsulating the information 
packet at the security gateway. 

In an analogous art of mobile IP, Iyer discloses 

a security gateway (VPN Gateway 11) located on the virtual private network 
(Fig. 1) (See Also right-hand side of Outer Firewall 9) and connected to a home 
agent (Home Agent 7, para. [0015]) and the correspondence node (CN 8) connected 
to said foreign network (external network 15, para. [0021]), 

said security gateway on the virtual private network having an inner tunnel 
address (VPN tunnel inner address) for routing information packets within the virtual 
private network ("... VPN tunnel inner address ... In this way, the VPN tunnel, once 
established does not have to change ... each time the actual point-of-attachment 
IP address 31,32 changes ... to send packets through any network.", para. [0025]); 

transmitting the information packet to the security gateway using said inner 
tunnel address to route said information packet within the virtual private network to the 
security gateway ("... VPN tunnel inner address ... In this way, the VPN tunnel, 
once established does not have to change ... each time the actual point-of- 
attachment IP address 31,32 changes ... to send packets through any network.", 
para. [0025]). 

Vaarala discloses said security gateway (SGW)("packet routed from the 
originating host to a security gateway SGW", para. [0015]) on the virtual private 
network being designated with a gateway address for routing information packets to the 
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virtual private network (see IPSec in packet in Fig. 2) and encapsulating the 
information packet ([tunnel mode] ... the original packet is encapsulated, para. 
[0014]). 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine providing a security gateway located on the virtual private 
network and connected to a home agent and the correspondence node connected to 
said foreign network, said security gateway on the virtual private network being 
designated with a gateway address for routing information packets to the virtual private 
network and having an inner tunnel address for routing information packets within the 
virtual private network; transmitting the information packet to the security gateway using 
said inner tunnel address to route said information packet within the virtual private 
network to the security gateway; and encapsulating the information packet at the 
security gateway as taught by either Iyer or Vaarala, with O'Neill , for the benefit of 
implement a more secure communication. 

With regard to claim 17, the combination of O'Neill, Iyer and Vaarala discloses 
the method of packet-based communication to a mobile node from a correspondence 
node on a virtual private network of claim 16. 

Vaarala further discloses encrypting (encrypt, para. [0006]) an encapsulated 
information packet at the security gateway prior to transmitting said packet to the mobile 
node. 
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At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine encryption at the security gateway as taught in Vaarala with 
O'Neill and Iyer for the benefit of implementing a secure connection. 

With regard to claim 18, the combination of O'Neill, Iyer and Vaarala discloses 
the method of packet-based communication to a mobile node from a correspondence 
node on a virtual private network of claim 16. 

Iyer further discloses encapsulating the information packet at the home agent 
with the inner tunnel address to allow the correspondence node on the virtual private 
network to route packets to the security gateway ("... VPN tunnel inner address ... In 
this way, the VPN tunnel, once established does not have to change ... each time 
the actual point-of-attachment IP address 31,32 changes ... to send packets 
through any network.", para. [0025]). 

At the time of the invention, it would have been obvious to a person of ordinary 
skills in the art to combine encapsulating the information packet at the home agent with 
the inner tunnel address to allow the correspondence node on the virtual private 
network to route packets to the security gateway as taught in Iyer, with O'Neill and 
Vaarala, for the benefit of implementing a secure connection. 

With regard to claim 19, O'Neill further discloses 

transmitting the information packet out of the virtual private network from the 
home agent (forward direction, para. [0049]). 
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With regard to claim 20, O'Neill further discloses 

transmitting the information packet out of the virtual private network from the 
security gateway (incoming direction, para. [0049]). 



Conclusion 

1 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Blanche Wong whose telephone number is 571-272- 
3177. The examiner can normally be reached on Monday through Friday, 830am to 
530pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on 571-272-7884. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status Information for unpublished applications Is available through Private PAIR only. 
For more Information about the PAIR system, see http://palr-dlrect.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Blanche Wong/ 
Examiner, Art Unit 2419 
May 5, 2009 

/Salman Ahmed/ 
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